Authored by ccbikai

add uid check

@@ -11,7 +11,7 @@ module.exports = (req, res, next) => { @@ -11,7 +11,7 @@ module.exports = (req, res, next) => {
11 if (!req.user.uid) { 11 if (!req.user.uid) {
12 if (req.xhr) { 12 if (req.xhr) {
13 return res.json({ 13 return res.json({
14 - code: 400, 14 + code: 401,
15 message: '抱歉,您暂未登录!' 15 message: '抱歉,您暂未登录!'
16 }); 16 });
17 } 17 }
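Review bot: Only the `code` field of the JSON body changes to 401 at new line 14; `res.json` is still called without `res.status(401)`, so from the visible lines the XHR response presumably still goes out with HTTP 200 unless the status is set elsewhere. If clients, proxies or access-log monitoring are meant to see the authentication failure at the HTTP level, write `return res.status(401).json({` here. The function starts before and continues after this hunk, so the non-XHR branch cannot be checked from this view.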
1 -const _ = require('lodash');  
2 -const cookie = global.yoho.cookie; 1 +const md5 = require('yoho-md5');
3 2
4 module.exports = () => { 3 module.exports = () => {
5 return (req, res, next) => { 4 return (req, res, next) => {
6 - // 从 SESSION 中获取到当前登录用户的 UID  
7 - if (req.session && _.isNumber(req.session._LOGIN_UID)) {  
8 - req.user.uid = req.session._LOGIN_UID;  
9 - } 5 + const uid = req.cookies._YOHOUID;
  6 + const token = req.cookies._YOHOTOKEN;
  7 + const key = `-_-!!!${uid}!!!-_-`;
10 8
11 - // session 没有读取到的时候,从 cookie 读取 UID  
12 - if (!req.user.uid && req.cookies._UID) {  
13 - req.user.uid = cookie.getUid(req); 9 + if (md5(key) === token) {
  10 + req.user.uid = uid;
14 } 11 }
15 12
16 next(); 13 next();
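Review bot: The check added at new lines 5–11 accepts `_YOHOUID` whenever `_YOHOTOKEN` equals `md5` of the uid wrapped in a constant string, and since that constant lives in source and no server-side secret is mixed in, the token is derivable from the uid alone and does not prove the cookie was issued by the server. The commit also drops the session lookup, so this cookie pair becomes the only source of `req.user.uid`. I would replace the bare MD5 with a keyed MAC over the uid (HMAC-SHA-256 with a secret loaded from configuration), compare it with `crypto.timingSafeEqual`, and reject a uid that is not a plain digit string; whatever code sets the two cookies, which is not visible here, would have to issue the same MAC, and `crypto` would need to be required at the top of the file. The middleware body continues past the end of the hunk.

```javascript
return (req, res, next) => {
    const uid = req.cookies._YOHOUID;
    const token = req.cookies._YOHOTOKEN;

    // AUTH_COOKIE_SECRET is a placeholder for a server-side secret read from configuration, never committed to source.
    // uid is assumed to be numeric, as the removed _.isNumber check suggests; confirm against the login code.
    if (typeof uid === 'string' && typeof token === 'string' && /^\d+$/.test(uid)) {
        const expected = crypto.createHmac('sha256', AUTH_COOKIE_SECRET).update(uid).digest();
        const supplied = Buffer.from(token, 'hex');

        // timingSafeEqual throws on unequal lengths, so check the length first
        if (supplied.length === expected.length && crypto.timingSafeEqual(supplied, expected)) {
            req.user.uid = uid;
        }
    }
    // … unchanged: next() …
```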
@@ -29,7 +29,6 @@ @@ -29,7 +29,6 @@
29 "express-session": "^1.14.0", 29 "express-session": "^1.14.0",
30 "influxdb-winston": "^1.0.1", 30 "influxdb-winston": "^1.0.1",
31 "lodash": "^4.13.1", 31 "lodash": "^4.13.1",
32 - "md5": "^2.1.0",  
33 "memcached": "^2.2.1", 32 "memcached": "^2.2.1",
34 "moment": "^2.14.1", 33 "moment": "^2.14.1",
35 "morgan": "^1.7.0", 34 "morgan": "^1.7.0",
@@ -39,6 +38,7 @@ @@ -39,6 +38,7 @@
39 "uuid": "^2.0.2", 38 "uuid": "^2.0.2",
40 "winston": "^2.2.0", 39 "winston": "^2.2.0",
41 "winston-daily-rotate-file": "^1.1.4", 40 "winston-daily-rotate-file": "^1.1.4",
  41 + "yoho-md5": "^2.0.0",
42 "yoho-node-lib": "0.0.21" 42 "yoho-node-lib": "0.0.21"
43 }, 43 },
44 "devDependencies": { 44 "devDependencies": {